Marks and Spencer (M&S) has temporarily halted all online and app orders following a significant cyber attack that has disrupted its operations. The incident, which began affecting customers over the weekend of April 19-20, 2025, led to widespread issues with payments and order processing. In a statement released on April 22, M&S confirmed the cyber incident and announced that it would pause online orders to protect both customers and the business.
CEO Stuart Machin addressed the situation in an email to customers, stating, "I’m writing to let you know that over the last few days M&S has been managing a cyber incident. To protect you and the business, it was necessary to temporarily make some small changes to our store operations, and I am sincerely sorry if you experienced any inconvenience." The retailer has assured its customers that they do not need to take any action regarding their orders during this period.
As part of its proactive management of the incident, M&S has paused orders on its UK and Ireland websites and apps, as well as some international sites. The company has also committed to refunding any orders placed on Friday, April 25, 2025, the day it announced the full suspension of online services. In the wake of this announcement, M&S shares saw a decline of 5%, reflecting investor concerns about the impact of the cyber attack on the company's revenue.
Despite the online disruptions, M&S stores remain open, and customers can continue to shop in person. The retailer has emphasized that its product range is still available for browsing online, even though purchases cannot be completed through its digital platforms. M&S has also reported that issues have arisen with contactless payments, Click & Collect services, and the use of gift cards, further complicating the shopping experience for customers.
In a post on social media platform X (formerly Twitter), M&S expressed gratitude for the understanding and support from customers, colleagues, and partners during this challenging time. "We are truly sorry for this inconvenience. Our experienced team - supported by leading cyber experts - is working extremely hard to restart online and app shopping," the company stated.
The cyber incident has raised concerns about the broader implications for M&S's operations. Nathaniel Jones, vice president of Security & AI Strategy at cybersecurity firm Darktrace, noted that the decision to halt online sales illustrates the cascading impact these attacks can have on revenue streams. He remarked, "It demonstrates how quickly cyber incidents can cripple retail operations across both digital and physical channels."
William Wright from cybersecurity firm Closed Door Security echoed these sentiments, suggesting that the disruption could have a material impact on M&S's financial performance. "Data shows almost a quarter of the store's sales happen online, so no matter how long this pause is put in place, it will hurt M&S financially," he stated.
M&S is not alone in facing such challenges; it joins a list of major retailers that have experienced significant disruptions to their online services in recent months. For instance, Morrisons encountered severe problems with its Christmas orders last year, while Barclays faced IT issues in January 2025 that affected its app and online banking, potentially leading to compensation payments of £12.5 million. In February, several banks, including Lloyds, suffered outages that left businesses unable to pay staff.
The Information Commissioner’s Office has indicated that it is assessing the information provided by M&S regarding the cyber incident. The retailer has also reported the situation to the National Cyber Security Centre (NCSC), which is working alongside the National Crime Agency to support M&S in its recovery efforts.
As the company navigates the fallout from this cyber attack, customers have expressed frustration over the handling of the incident, particularly concerning communication about the status of their orders and the use of gift cards. One customer shared their experience on social media, stating that they had been informed the issue with gift cards was resolved, only to find that it was not when they attempted to use one in-store.
While many customers have voiced their frustrations, others have praised M&S staff for their service during this tumultuous time, urging customers not to take their frustrations out on frontline workers. The situation remains fluid, and M&S continues to update its customers as it works to restore normal operations.
In summary, M&S's decision to pause online and app orders is a significant response to a cyber attack that has caused operational disruptions. The company is actively managing the situation and has assured customers that they can still shop in-store while it works to resolve the issues affecting its online services. As the retailer seeks to recover from this incident, the impact on its business and customer relations will be closely monitored.
